OASIS CLIMATE
AI
DocsPrivate Beta

Privacy Policy

Last updated: 2026-01-25

Privacy at Oasis Climate

Our Philosophy: Respect for Data, by Design

At Oasis Climate, protecting personal data is not a legal obligation to be checked off a list. It is the foundation upon which the trust between you and us is built.

This project stems from the commitment of a single developer, not a large corporation. My reputation is based on transparency and integrity. For this reason, our approach to privacy follows the strictest principles, inspired by the mindset of a data protection expert: Privacy by Design, Accountability, and Data Minimization.

The 3 Pillars of Our Data Management

1. Your Data Is Not for Sale. Ever

This is our most important and non-negotiable commitment.

  • No Sharing with Third Parties: The personal data you provide and the telemetry data from your home will never be sold, transferred, shared, or rented to third parties for marketing or commercial profiling purposes.
  • Limited Purpose: Data is collected and processed exclusively for the purposes described in this policy: to provide the service, improve its effectiveness, and ensure its security.

2. Data for Optimization: The Heart of the Service

To create an effective Digital Twin and improve our algorithms, we need data. Here is how we use it, in full compliance with the GDPR’s minimization principle.

  • Essential Telemetry Data: We only collect data that is strictly necessary for the service to function, such as indoor/outdoor temperatures, boiler activation status, and the parameters you provide for the empirical profiling of your home (e.g., location for weather data, insulation quality).
  • Algorithm Improvement: We use telemetry data in a pseudonymized form to train and improve the effectiveness of our control agents (both deterministic and, in the future, machine learning-based). This allows us to refine the accuracy of the Digital Twin and the efficiency of heating strategies, for the benefit of all users. The data is never used to profile your personal habits, but only to optimize the physical and mathematical models.

3. Full Control for You: Rights Guaranteed by the GDPR

You are the owner of your data. We are merely its temporary custodians (technically, the "Data Processor" on your behalf). We guarantee every right provided for by EU Regulation 2016/679 (GDPR).

  • Right of Access and Portability (Art. 15 and 20 GDPR): At any time, you can request access to all your data.
  • Right to Erasure ("Right to be Forgotten" - Art. 17 GDPR): When you decide to cancel your subscription to the service, we will activate a clear and transparent procedure:
    1. Export: We will send you an email containing an archive with all your personal data and historical telemetry data in a structured, commonly used format (e.g., JSON or CSV).
    2. Irreversible Anonymization: Once you confirm receipt, we will proceed to irreversibly anonymize all telemetry data associated with your account. This means that historical series of temperatures and activations may be retained for statistical and model improvement purposes, but they will be completely disconnected from you and your home, with no possibility of re-identification.
    3. Permanent Deletion: Your personal data (name, email, address) will be permanently deleted from our active systems.
Data CategoryPurpose of ProcessingLegal Basis (GDPR)
Identity Data (Email)Account creation and management; essential service communications.Art. 6(1)(b): Performance of a contract (our Terms of Service).
Location Data (City/Coordinates)Retrieving historical and future weather forecasts for the simulator and the Digital Twin.Art. 6(1)(b): Performance of a contract.
Telemetry Data (Temperatures, Boiler Status)Powering the Digital Twin, providing optimization advice, training the models.Art. 6(1)(b): Performance of a contract.
Browsing Data (Logs, partial IPs)Service security (fraud prevention, technical issue diagnosis).Art. 6(1)(f): Legitimate interest in maintaining the security and integrity of the platform.

We do not process special categories of data (formerly sensitive data, such as health or political opinions) as defined under Article 9 of the GDPR.

Security: A Concrete Commitment (Accountability)

The security of your data is a priority. We adopt appropriate technical and organizational measures to protect data from unauthorized access, loss, or destruction, including:

  • Encryption of communications (HTTPS).
  • Pseudonymization of data used for analysis.
  • Role-based access control.

Data Transfers

The service may use cloud infrastructure providers (e.g., servers) that could be located outside the European Economic Area. In such cases, transfers will only occur to countries for which an adequacy decision from the European Commission exists (such as the EU-US Data Privacy Framework) or in the presence of other appropriate safeguards as provided by the GDPR (Chapter V).

Contact and Data Controller

At present, the project is managed by the founder, as its promoter and developer. For any questions, requests to exercise your rights, or concerns about the management of your data, you can contact me directly at the following email address: privacy@oasis-climate.com.

The founder is committed to responding transparently and promptly, in line with the provisions of the GDPR.

This notice is drafted in accordance with Articles 13 and 14 of EU Regulation 2016/679.